<head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<title>kali工具箱</title>
<script src="./static/bootstrap.min.js"></script>
<link rel="stylesheet" href="./static/main.css">
<link rel="stylesheet" href="./static/bootstrap.min.css">
<style type="text/css" id="syntaxhighlighteranchor"></style>
</head>
<main class="main-container ng-scope" ng-view="">
<div class="main receptacle post-view ng-scope">
<article class="entry ng-scope" ng-controller="EntryCtrl" ui-lightbox="">
<section class="entry-content ng-binding" ng-bind-html="postContentTrustedHtml">
<section class="l-section"><div class="l-section-h i-cf"><h2>eapmd5pass Package Description</h2>
<p style="text-align: justify;">EAP-MD5 is a legacy authentication mechanism that does not provide sufficient protection for user authentication credentials. Users who authenticate using EAP-MD5 subject themselves to an offline dictionary attack vulnerability. This tool reads from a live network interface in monitor-mode, or from a stored libpcap capture file, and extracts the portions of the EAP-MD5 authentication exchange. Once the challenge and response portions have been collected from this exchange, eapmd5pass will mount an offline dictionary attack against the user’s password.</p>
<p>Source: http://www.willhackforsushi.com/code/eapmd5pass/1.4/README<br>
<a href="http://www.willhackforsushi.com/?page_id=67" variation="deepblue" target="blank">eapmd5pass Homepage</a> | <a href="http://git.kali.org/gitweb/?p=packages/eapmd5pass.git;a=summary" variation="deepblue" target="blank">Kali eapmd5pass Repo</a></p>
<ul>
<li>Author: Joshua Wright</li>
<li>License: GPLv2</li>
</ul>
<h3>Tools included in the eapmd5pass package</h3>
<h5>eapmd5pass – Dictionary attack against EAP-MD5</h5>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="790b16160d3912181510">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# eapmd5pass -h<br>
eapmd5pass - Dictionary attack against EAP-MD5<br>
<br>
Usage: eapmd5pass [ -i &lt;int&gt; | -r &lt;pcapfile&gt; ] [ -w wordfile ] [options]<br>
<br>
  -i &lt;iface&gt;    interface name<br>
  -r &lt;pcapfile&gt; read from a named libpcap file<br>
  -w &lt;wordfile&gt; use wordfile for possible passwords.<br>
  -b &lt;bssid&gt;    BSSID of target network (default: all)<br>
  -U &lt;username&gt; Username of EAP-MD5 user.<br>
  -C &lt;chal&gt; EAP-MD5 challenge value.<br>
  -R &lt;response&gt; EAP-MD5 response value.<br>
  -E &lt;eapid&gt;    EAP-MD5 response EAP ID value.<br>
  -v        increase verbosity level (max 3)<br>
  -V        version information<br>
  -h        usage information<br>
<br>
The "-r" and "[-U|-C|-R|-E]" options are not meant to be used together.  Use -r<br>
when a packet capture is available.  Specify the username, challenge and<br>
response when available through other means.</code>
<h3>eapmd5pass Usage Example</h3>
<code><a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="f2809d9d86b299939e9b">[email&#160;protected]</a><script data-cfhash='f9e31' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName('script'),e=t.length;e--;)if(t[e].getAttribute('data-cfhash'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute('data-cfemail')){for(e='',r='0x'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+='%'+('0'+('0x'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>:~# coming soon</code>
</div></section><div style="display:none">
<script src="//s11.cnzz.com/z_stat.php?id=1260038378&web_id=1260038378" language="JavaScript"></script>
</div>
</main></body></html>
